FCC Chairman Ajit Pai is pushing a proposal that would ban U.S. telecommunications firms from using commission funds to buy equipment from companies deemed national security threats. The new rule would first target Chinese telecom companies Huawei and ZTE.
After months of appeals, Facebook has agreed to pay $643,000 to settle claims that it violated U.K. privacy laws by allowing Cambridge Analytica - a now-defunct digital marketer that focused, in part, on political campaigns - to access the personal data of 87 million of its users.
Facebook is suing NSO Group, a spyware company, alleging it developed a potent exploit to spy on WhatsApp messages sent by diplomats, journalists, human rights activists and political dissidents. Facebook is seeking damages and an injunction forbidding NSO Group from accessing its infrastructure.
Russian attack group Turla has been named and shamed for hijacking Iranian nation-state attackers' infrastructure. The aim of GCHQ and NSA's attribution is, in part, to make Turla's future cyber espionage efforts more costly and time-consuming.
Two new security incidents demonstrate how easily millions of customer records can be exposed. Researchers found an unsecured database containing records of customers of Adobe Creative Cloud. And Italy's UniCredit bank announced a "data incident" that exposed a file containing customer records.
Agile environments benefit from development platforms and open-source software, but that also raises the risks of attacks seeded in those supply chains, says Chet Wisniewski of Sophos, who describes steps that organizations can take to mitigate the risks.
Johannesburg has been hit with a ransomware attack that is crippling municipal services. City Power, an electric utility owned by the city that was hit by a similar attack in July - also was affected by the latest attack.
Democratic lawmakers are urging the U.S. Federal Trade Commission to open an investigation into whether Amazon violated federal law by failing to the prevent Capital One's devastating data breach. Amazon dismissed the request as "baseless and a publicity attempt from opportunistic politicians."
The use of new standards can help strengthen cybersecurity risk management of medical devices at the Department of Veterans Affairs as well as other healthcare organizations, says Anura Fernando of UL, which recently completed a study with the VA examining gaps in medical device cybersecurity approaches.
A U.S. Congressional committee on Wednesday peppered Facebook CEO Mark Zuckerberg with tough questions about the company's plans for a cryptocurrency called Libra, raising concerns about privacy issues as well as potential use of the currency for money laundering or to finance deals for illegal drugs and weapons.
The National Cyber Security Center, the U.K.'s national computer emergency response team, investigated 658 serious cybersecurity incidents in a 12-month period and supported nearly 900 victim organizations - most of whom learned they had fallen victim after being alerted by the center.
Avast's CCleaner utility is popular - with attackers. For the second time in two years, the company says it believes CCleaner was the intended targeted of a carefully plotted intrusion executed between May and October.
Virtual private network provider NordVPN says an error by its Finish data center provider allowed an attacker to gain control of a server, but it says its broader service was not hacked. One security expert, however, says the attacker would have had "God mode" on one VPN node.